Q1 CYBERCRIME REPORT
160 W Santa Clara St
San Jose, CA, 95113
United States
threatmetrixTelephone: +1 408 200 5755
Fax: +1 408 200 5799
sales@threatmetrixthreatmetrixCybercrime Report
Q1 2017
Alisdair Faulkner
Chief Products Officer
2 Foreword
3 Overview
11 Transactions & Attacks
29 Top Attack Methods
35 Mobile
40 Conclusion
It sometimes feels like we are engaged in a similar battleground with cybercrime.
Fraudsters start every attack with the clear intention of outsmarting businesses,
running faster, playing cleverer to evade detection and capture. Organizations,
meanwhile face each day knowing that one chink in their security defenses could
mean the difference between success and failure. It’s a perilous path to tread.
Perhaps some businesses even feel more like the gazelle than the lion, trying hard
to escape the clutches of the fraudster and not always succeeding. This complex
interplay of the chase is a very real battle for survival and the businesses that
survive will be those with a single-minded vision to secure their defenses from the
threat of fraud.
The chief risk officer of one of our customers summarized the current landscape
thus: “fraud prevention is not a competitive advantage”; it’s a core business
function in our digital-first economy, intricately intertwined not only with profit
and loss but with net promoter scores and customer lifetime value. Quite simply,
it’s a business imperative.
Meanwhile, businesses must continue to prioritize digital first strategies. The
pilgrimage to digital transformation is an interesting one; the last year has
shown us that it is a journey that doesn’t seem to grow any shorter. We reach
key destinations along the way - assimilation of mobile, detection of new attack
methods - but new horizons promise greater change. Evolving cybercrime tactics,
the growth of a global digital economy, new technologies disrupting current
modus operandi. Every conversation that I have with heads of business currently
revolves around this fast pace of change; organizations must continually adapt or
be subsumed by the ever more nimble challengers.
There’s an old folklore that says:
“Every morning in Africa, a gazelle wakes up, it knows it must outrun the fastest
lion or it will be killed. Every morning in Africa, a lion wakes up. It knows it must
run faster than the slowest gazelle, or it will starve….”
At the same time we are facing a maelstrom of regulatory change, as countries
and regions attempt to drive innovation, promote competition and push for
safer and safer transaction methods. Europe is on the cliff face of PSD2; with
established financial institutions keen to tread a path between compliance and
maintaining the slick and risk-based authentication strategies they’ve worked so
hard to prioritize over more cumbersome token-based ones. FinTechs are bracing
themselves for the inevitable emergence of new players looking to capitalize on
this new open API ecosystem. Real-time payments are coming to Australia (NPP)
bringing it in line with several other global countries, along with the additional
risk this creates from removing the safety net of manual reviews and time-lags in
transaction processing.
As we hone our product roadmap for the year, we focus on continuing to deliver
capabilities that enable our customers to successfully navigate the evolving
regulatory landscape, changing customer behavior and the increasing pace of
cybercrime. At the heart of this strategy remains the power of Digital Identity
Intelligence to effectively distinguish between trusted users and potential threats.
It is only in the intricacies of these unique digital identities that stolen identities
and fraudulent tactics are revealed for what they truly are. And by combining with
behavioral analytics and machine learning, businesses can tailor their strategies to
individual user behavior, improving their capabilities to detect complex fraud with
a greater degree of accuracy.threatmetrixCybercrime Report
Q1 2017
Alisdair Faulkner
Chief Products Officer
2 Foreword
3 Overview
11 Transactions & Attacks
29 Top Attack Methods
35 Mobile
40 Conclusion
In the ever-evolving world of cybercrime, authentication continues to be a
mainstay of global digital businesses; accurately recognizing trusted returning
users and promoting a frictionless online environment builds a loyal customer base
and reduces attrition.
However, cybercrime is becoming an increasingly global phenomenon, operating
across borders in well organized criminal gangs, with knowledge sharing and
centralized intelligence. Attacks continue to evolve quicker than the tools and
techniques used to detect them.
Some key attack trends analyzed this quarter include:
The multifarious attack methods used in a 2017 cybercrime attack
The evolution of attacks from single to multi-vector approaches
Identity theft is a key issue for all industry sectors as they continue to
see attacks involving stolen and synthetic credentials, harvested from
omnipresent data breaches
The proliferation of RATs in the financial services sector
The sophistication of bot attacks
The only effective armor is to genuinely understand who your real
customers are and how they transact, by collecting and processing all the
information you know about them and using this to make informed risk
decisions.
2017: The Current Threat EnvironmentthreatmetrixCybercrime Report
Q1 2017
Alisdair Faulkner
Chief Products Officer
2 Foreword
3 Overview
11 Transactions & Attacks
29 Top Attack Methods
35 Mobile
40 Conclusion
The ThreatMetrix Cybercrime Report: Q1 2017 is based on actual cybercrime
attacks from January – March 2017 that were detected by the ThreatMetrix Digital
Identity Network (The Network) during real-time analysis and interdiction of
fraudulent online payments, logins and new account applications.
The Network provides visibility and insight into traffic patterns and emerging
threats.The Network analyzes close to two billion transactions per month, over
45% of which originate from mobile devices.
These transactions are analyzed for legitimacy based on hundreds of attributes,
including device identification, geolocation, previous history and behavioral
analytics.
The Network and its real-time policy engine provide unique insight into users’
digital identities, even as they move between applications, devices, and networks.
ThreatMetrix customers benefit from a global view of risks, based on these
attributes and rules that are custom-tuned specifically for their businesses.
Attacks discussed are from “high-risk” transactions scored by ThreatMetrix
customers.
Report Overview
。。。以上简介无排版格式，详细内容请下载查看